package cn.sc.summer.admin.config;

import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;
import org.springframework.stereotype.Component;

import java.util.function.Supplier;

/**
 * 类名：校验用户访问资源是否合法且有权限
 *
 * @author a-xin
 * @date 2024/9/18 17:31
 */
@Slf4j
@Component
public class AuthorizationServerManagerX implements AuthorizationManager<RequestAuthorizationContext> {

    @Override
    public void verify(Supplier<Authentication> authentication, RequestAuthorizationContext requestAuthorizationContext) {
        AuthorizationDecision decision = check(authentication, requestAuthorizationContext);
        if (decision != null && !decision.isGranted()) {
            throw new AccessDeniedException("Access Denied");
        }
    }

    /**
     * Determines if access is granted for a specific authentication and object.
     *
     * @param authentication              the {@link Supplier} of the {@link Authentication} to check
     * @return an {@link AuthorizationDecision} or null if no decision could be made
     */
    @Override
    public AuthorizationDecision check(Supplier authentication, RequestAuthorizationContext requestAuthorizationContext) {
        return new AuthorizationDecision(true);
    }

}
